Quoting Karsten M. Self (kmself@ix.netcom.com):
> Makes many of the same points as I do. Though he doesn't address the
> "what if it happens on :80, :22, :25" problem.
But we on Unix have been contemplating, and contending with, the latter
problem for the last couple of decades. (RTFM about RTM, good sir.)
The difference is that, in our community, we've never considered unattended
vulnerabilities and compromises to be Someone Else's Problem. If we
learn that someone _failed to notice_ (and correct) his system suddenly
putting its ethernet ports in promiscuous mode and attacking everyone
else, we tend to tell him, in a friendly but firm fashion, "You screwed
up. Would you like some help in learning ways to not screw up in the
future?"
I personally think it'd be salubrious if backbone ISPs, instead of
switching off port-transport on account of the packet storm du jour,
would just send 440V three-phase back down the compromised-and-attacking
systems' ethernet ports. Maybe give 'em an hour's grace time, to notice
and correct their problems.
--
Cheers,               We write precisely            We say exactly
Rick Moen             Since such is our habit in    How to do a thing or how
rick@linuxmafia.com   Talking to machines;          Every detail works.
Excerpt from Prof. Touretzky's decss-haiku.txt @ http://www.cs.cmu.edu/~dst/